Method and system for securely communicating data, the method comprising the steps of: initiating a secure communication between a mobile device and a requester using a cryptographic key to verify the user of the mobile device. Receiving, using the secure communication, at a mobile device a request from the requester, the request including an indication of one or more requested data attributes associated with a user of the mobile device. At the mobile device, querying a data store for the requested one or more data attributes and a verification attribute. In response to the request, providing the requester, using the secure communication, with the requested one or more data attributes and the verification attribute from the data store, wherein the verification attribute is generated from one or more data items of a physical token issued to the user, the one or more data items including information characterising a biological feature of the user, the verification attribute also indicating that sensor data of a biological feature of the user detected by the mobile device has been matched to the information characterising the biological feature of the user. At the requester, receiving the verification attribute over the secure communication.
Legal claims defining the scope of protection, as filed with the USPTO.
2. The method of claim 1, wherein the step of initiating the secure communication between the mobile device and the requester further uses a cryptographic key to verify the identity of the requester.
3. The method of claim 2, wherein the cryptographic key used to verify the identity of the user and/or the requester is stored in a distributed ledger and wherein the step of initiating the secure communication between a user of a mobile device and a requester includes retrieving the cryptographic key of the user and/or requester from the distributed ledger.
5. The method of claim 4, wherein the data describing the one or more data attributes describe any one or more of: the size, length, data structure, format of the one or more data attributes, creation time, expiration, and/or revocation.
6. The method according to claim 1 further comprising the step of storing within the distributed ledger, a log of the request and a log of the response.
7. The method according to claim 1, wherein the data store is within the mobile device or within an external database accessible over a network.
8. The method according to claim 1 further comprising the step of the requester storing a log of the request and a log of the receiving the one or more user data attributes.
9. The method according to claim 1, wherein the information characterising a biological feature of the user is stored within a secure digital data store within the physical token.
10. The method of claim 1, wherein the data attributes originating from the external organisation are digitally signed by the external organisation.
11. The method according to claim 1, wherein initiating the secure communication between a user of a mobile device and a requester further includes using graphical representation of data displayed to by the mobile device to the requester and/or by the requester to the mobile device, wherein the graphical representation of data includes a cryptographic key of the user and/or a cryptographic key of the requester.
12. The method according to claim 1, wherein the response further includes payment data enabling the requester to obtain payment from the user.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
October 30, 2019
September 13, 2022
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.